02 Aug 2018

DIGITALEUROPE position on the proposed e-evidence package

As the voice of the digital technology industry in Europe, DIGITALEUROPE represents many companies that provide a range of cloud-based services to enterprises and consumers across the EU. We consider the European Commission’s proposals on improving cross-border access to electronic evidence in criminal matters (hereafter the ‘e-evidence package’) an important opportunity to provide legal certainty for both companies operating in this space and users – both citizens and businesses – who rely on our members’ services to store and process some of their most sensitive and private information.

Our members take their responsibility to maintain the safety, security and privacy of millions of users in the EU seriously and invest heavily in technologies and processes designed to protect the security and confidentiality of data stored in the cloud. They also recognise that there are situations where they need to assist law enforcement agencies (LEAs) carrying out investigations into criminal activity. As stated in previous DIGITALEUROPE papers, we believe that the legal framework governing cross-border requests should be clarified, and we are eager to continue to work with all relevant stakeholders on these important issues.

DIGITALEUROPE has supported the European Commission’s effort to find workable solutions to improve cooperation with service providers within the existing framework. We believe the proposed package can establish a transparent and principled EU-wide framework that enables LEAs pursuing criminal investigations in one Member State to obtain digital evidence from a provider established in a different Member State, regardless of where that evidence is located.

The proposal also includes several critical safeguards to ensure that users’ fundamental rights are respected and moves the EU closer to creating a more consistent and rules-bound international framework for lawful access to data in the cloud. The proposed forms to request data will also greatly enhance harmonisation and legal clarity. We also support the Commission’s proposal for a Directive to establish a legal representative in the Union.

This legislation will set an important international precedent. It is essential for the EU to define its jurisdictional views in a way that would allow the Union to feel comfortable should its approach be replicated by other countries, which could have substantially different rule-of-law and fundamental rights safeguards. As they currently stand, the proposed jurisdictional rules are based on the ‘offering of services in the Union’ – both enabling legal or natural persons to use the service and with a substantial connection to the EU – but lack other international standards, such as ‘possession and control.’ EU legislation may be followed by other countries of varying rule-of-law standards; it is thus important that it improves and does not undermine the protection offered by the current system.

DIGITALEUROPE looks forward to engaging in a constructive discussion with policymakers and stakeholders on all key points in the proposals.

For more information, please contact:
Alberto Di Felice
Senior Policy Manager for Infrastructure, Privacy and Security
Martin Bell
Policy Officer for Privacy and Cybersecurity
Back to Data privacy
View the complete Policy Paper
PDF
Our resources on Data privacy
Policy Paper 18 Sep 2018
DIGITALEUROPE position on Indian Data Protection Bill 2018
Policy Paper 15 Nov 2019
The proposed e-evidence package in light of the Council’s General Approach
Policy Paper 08 Oct 2019
Time to rethink ePrivacy
Hit enter to search or ESC to close